PKI client certificate authentication not working in GoldenGate 21c docker image

[jsrober]

Thank you for publishing the GoldenGate docker image build scripts on Github.

I'm using them with our Oracle Database and GoldenGate environment.

I have everything working with username/password authentication, but I can't get PKI client-certificate authentication working.

In this file it looks like you're passing the client-cert credentials to the GoldenGate services:

https://github.com/oracle/docker-images/blob/main/OracleGoldenGate/21c/nginx/ogg-headers.conf

I created a GoldenGate user with the username as my certificate DN, but authentication isn't working.

My GG services are running using http (not https). This is the default configuration that's provided by your docker build script. Do I need to change the services to use https?

Do you have a suggestion for how to verify that nginx is properly passing the client certificate credentials (via X-SSL-Client-S-DN for example)? I am trying to figure out if the problem is with the ngnix configuration or the GoldenGate configuration.

Thanks,
John